Privacy Policy

This privacy policy sets out how Proseal uk Ltd. (“We”, “Us”, “Our”) obtains, processes, and protects information about our Employees, Customers, Suppliers, Contractors, and other contacts.

Please read the following carefully to understand our views and practices regarding Personal Data and how we will treat it.
For the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Data Controller is Proseal UK Ltd.
Our data protection registration number is Z7729946.

Queries regarding Data Protection and/or Privacy should be directed to:
Data Protection Team
Proseal uk Ltd
Adlington Industrial Estate
Adlington
Cheshire
SK10 4NL
United Kingdom
Email: dataprotection@prosealuk.com

Information we process

We will collect and process personal data according to the following:

Visitors to our website

We use a third-party service to collect standard details about a visitor’s behavioural patterns. This is normally done through the use of cookies to analyse the number of visitors to the various parts of our website. We do not make any attempt to find out the identities of any visitors.

Cookies also allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you should be able to modify your browser settings to decline cookies if you prefer, though this may prevent you from taking full advantage of the website.

Any information provided via our website enquiry form will be used solely to answer the enquiry. Should we wish to use it for any other purpose, including marketing, we will inform the enquirer and gain their consent before doing so.

Customers and prospective clients

Should a company be located outside of the UK, we may use a selected third-party distributor to provide them with a local point of contact through which to conduct their business with us. We will share only the information required to allow this to happen. The distributor will be acting as a Data Controller during any interactions with them and they will have their own policies in place regarding the GDPR.

When a company requests a service from us or places an order with us, we must process the information of the company and their contact to fulfil that request. This data will usually consist of the company name, address, telephone number, order history, and details of the person that made the request. We will, however, only use these details to deliver the service or products requested, and for other closely related purposes. For example, we might contact known customers to inform them of our holiday opening times or to inform them of our presence at a fruit-focused exhibition had they ordered fruit packaging in the past. Customers and prospective clients can opt out of receiving these communications, an easy method of opting out will be supplied via this notice and on every such communication we send.

The company information and a contact name will be stored alongside any orders that they make. After a period of 12 months of inactivity, (i.e. no email communication, no orders placed, no invoices outstanding), a customer account will be marked as inactive, and any contact information will be removed from the customer record.

Suppliers

We will process the company name, address, and telephone number, as well as any contact name we are given to allow us to contact them in relation to enquiries or orders we wish to make, or have already made, with the company. We will also store bank details for payment purposes. The company information and a contact name will be stored alongside any orders that we make. After a period of no more than 12 months from the date of our last account activity with them, the supplier account will be marked as inactive, and any contact information will be removed from the supplier record.

Contractors, other business contacts, site visitors

We will process basic information such as a company name, address, and telephone number, as well as any contact information we are given to fulfil any contractual or legal obligation we have in the relationship. Should a person attend one of our sites, we will process information required to keep them safe whilst on our sites. They will be further notified of this processing at the point of providing us with this information.

Applications for employment / apprenticeships

Any information provided to us in this context will be entered into our system and used solely to process the application. If the application is unsuccessful, we will keep the details securely stored for a period of 2 years, during which time we may contact the data subject should we wish to reconsider their application. This is not mandatory, and they may at any point before, during, or after the application, notify us that they do not want the details to be retained for this purpose. This can be done using the contact details above.

Proseal’s subsidiary companies

We store information on a centralised system available internationally to Proseal UK Ltd, Proseal America Inc, and Proseal Australia Pty Ltd. We have a Binding Corporate Agreement in place with our subsidiaries stipulating that they are required to abide by the same laws and regulations as we are regarding their use of personal data under this regulation.

Transfer of your data outside of the EEA

All information we process is encrypted at rest and stored on an internationally available server, access to which is restricted to Proseal UK Ltd and its subsidiary companies.

As indicated above, we may transfer basic Customer data to an approved local Distributor.

Some of the third-party services we use are based outside of the EEA. Utilising their service will require transfer of your data to them. In all cases where this happens we have ensured the security of your data by various means, including specific contracts, written processor agreements, or applied Model Contract Clauses approved by the European Commission. These aim to give your personal data the same protection it has in Europe.

Rights of the Data Subject

The GDPR grants all Data Subjects rights over their data. The below outlines how we will respond to a valid request under each of those rights.

The right to be informed

We will inform any data subject clearly and concisely of how we intend to use the information we collect. We will endeavour to do this at the point of collection. When this is not possible we will inform the subject at the earliest opportunity afterwards.

The right to access

We will provide information regarding the processing of a subject’s data. Including what personal data is processed, the reasons for that processing, and the results of the processing. We will respond to this request within 30 days, and there will normally be no charge for this.

The right to rectify

We will make every attempt to verify and correct any inaccurate or incomplete personal data. We will log the request within our system, ensuring that during any restoration process the corrected data will remain intact.

The right to erasure

If we are required to retain any information to complete a contract or comply with any laws or regulations, then those obligations will take precedence and we will notify the subject of such. Otherwise, we will remove the personal data from our live systems. When the information is of a particularly sensitive nature, we will also remove it from archives where possible. We will log the request within our system, ensuring that during any restoration process the data will not be reinstated.

The right to restrict processing

We will restrict our processing of a subject’s personal data until we have met the following conditions:

  • If they have contested its accuracy; until we have verified or corrected it.
  • If they have objected; until we have provided legitimate grounds or stopped processing.
  • If it is claimed to be unlawful; until we have proved otherwise or stopped processing.

Further, we will restrict processing if the data subject requires us to retain their data to establish, exercise or defend a legal claim.

The right to object to processing

Where the data subject objects to direct marketing, we will comply immediately. Where the data subject objects to any other processing, or for any other reasons, we will assess our reasons for processing and provide the results to the subject. Should we agree with the data subject’s request, we will stop processing the data for those reasons.

The right to data portability

We will provide all live data pertaining to the data subject, including that from archives, usually in JSON format, which is a structured, commonly used, and machine-readable format as required. If requested, and where reasonably possible, we will provide this data directly to a third-party designated by the data subject. We will respond to this request within 30 days, and there will normally be no charge for this.

The right to restrict Automated Decision Making

We do not make any decisions automatically, nor do we do any profiling of Data Subjects. Should this change in the future, we will update our policy accordingly.

The right to complain

If you have a complaint about our use of your information, or believe that we have not complied with the requirements of the GDPR, you can contact the Information Commissioner’s Office via their website at http://www.ico.org/concerns or write to them at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Changes to our privacy policy

Our privacy policy is regularly reviewed. The last changes were published on 24th May 2018.

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, or if changes are significant, we may notify you by e-mail or by notification on our main page. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to dataprotection@prosealuk.com